[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

[libvirt] [PATCH v3 21/34] Adapt to VIR_STRDUP and VIR_STRNDUP in src/security/*



---
 src/security/security_apparmor.c | 20 ++--------
 src/security/security_dac.c      | 23 ++++--------
 src/security/security_nop.c      |  7 +---
 src/security/security_selinux.c  | 79 +++++++++++-----------------------------
 src/security/virt-aa-helper.c    |  4 +-
 5 files changed, 37 insertions(+), 96 deletions(-)

diff --git a/src/security/security_apparmor.c b/src/security/security_apparmor.c
index 5fb5db3..84faebd 100644
--- a/src/security/security_apparmor.c
+++ b/src/security/security_apparmor.c
@@ -446,24 +446,15 @@ AppArmorGenSecurityLabel(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED,
     if ((profile_name = get_profile_name(def)) == NULL)
         return rc;
 
-    secdef->label = strndup(profile_name, strlen(profile_name));
-    if (!secdef->label) {
-        virReportOOMError();
+    if (VIR_STRDUP(secdef->label, profile_name) < 0)
         goto clean;
-    }
 
     /* set imagelabel the same as label (but we won't use it) */
-    secdef->imagelabel = strndup(profile_name,
-                                 strlen(profile_name));
-    if (!secdef->imagelabel) {
-        virReportOOMError();
+    if (VIR_STRDUP(secdef->imagelabel, profile_name) < 0)
         goto err;
-    }
 
-    if (!secdef->model && !(secdef->model = strdup(SECURITY_APPARMOR_NAME))) {
-        virReportOOMError();
+    if (!secdef->model && VIR_STRDUP(secdef->model, SECURITY_APPARMOR_NAME) < 0)
         goto err;
-    }
 
     /* Now that we have a label, load the profile into the kernel. */
     if (load_profile(mgr, secdef->label, def, NULL, false) < 0) {
@@ -933,10 +924,7 @@ AppArmorGetMountOptions(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED,
 {
     char *opts;
 
-    if (!(opts = strdup(""))) {
-        virReportOOMError();
-        return NULL;
-    }
+    ignore_value(VIR_STRDUP(opts, ""));
     return opts;
 }
 
diff --git a/src/security/security_dac.c b/src/security/security_dac.c
index cd214d8..c894517 100644
--- a/src/security/security_dac.c
+++ b/src/security/security_dac.c
@@ -76,11 +76,8 @@ int parseIds(const char *label, uid_t *uidPtr, gid_t *gidPtr)
     char *owner = NULL;
     char *group = NULL;
 
-    tmp_label = strdup(label);
-    if (tmp_label == NULL) {
-        virReportOOMError();
+    if (VIR_STRDUP(tmp_label, label) < 0)
         goto cleanup;
-    }
 
     /* Split label */
     sep = strchr(tmp_label, ':');
@@ -1051,18 +1048,12 @@ virSecurityDACGenLabel(virSecurityManagerPtr mgr,
         return rc;
     }
 
-    if (!seclabel->norelabel) {
-        if (seclabel->imagelabel == NULL && seclabel->label != NULL) {
-            seclabel->imagelabel = strdup(seclabel->label);
-            if (seclabel->imagelabel == NULL) {
-                virReportError(VIR_ERR_INTERNAL_ERROR,
-                               _("cannot generate dac user and group id "
-                                 "for domain %s"), def->name);
-                VIR_FREE(seclabel->label);
-                seclabel->label = NULL;
-                return rc;
-            }
-        }
+    if (!seclabel->norelabel &&
+        seclabel->imagelabel == NULL && seclabel->label != NULL &&
+        VIR_STRDUP(seclabel->imagelabel, seclabel->label) < 0) {
+        VIR_FREE(seclabel->label);
+        seclabel->label = NULL;
+        return rc;
     }
 
     return 0;
diff --git a/src/security/security_nop.c b/src/security/security_nop.c
index 2b9767e..233404c 100644
--- a/src/security/security_nop.c
+++ b/src/security/security_nop.c
@@ -20,7 +20,7 @@
 #include <config.h>
 
 #include "security_nop.h"
-
+#include "virstring.h"
 #include "virerror.h"
 
 #define VIR_FROM_THIS VIR_FROM_SECURITY
@@ -182,10 +182,7 @@ static char *virSecurityDomainGetMountOptionsNop(virSecurityManagerPtr mgr ATTRI
 {
     char *opts;
 
-    if (!(opts = strdup(""))) {
-        virReportOOMError();
-        return NULL;
-    }
+    ignore_value(VIR_STRDUP(opts, ""));
     return opts;
 }
 
diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c
index a85f0a3..dcec32b 100644
--- a/src/security/security_selinux.c
+++ b/src/security/security_selinux.c
@@ -202,10 +202,8 @@ virSecuritySELinuxMCSGetProcessRange(char **sens,
         goto cleanup;
     }
 
-    if (!(*sens = strdup(context_range_get(ourContext)))) {
-        virReportOOMError();
+    if (VIR_STRDUP(*sens, context_range_get(ourContext)) < 0)
         goto cleanup;
-    }
 
     /* Find and blank out the category part (if any) */
     tmp = strchr(*sens, ':');
@@ -312,10 +310,7 @@ virSecuritySELinuxContextAddRange(security_context_t src,
         goto cleanup;
     }
 
-    if (!(ret = strdup(str))) {
-        virReportOOMError();
-        goto cleanup;
-    }
+    ignore_value(VIR_STRDUP(ret, str));
 
 cleanup:
     if (srccon) context_free(srccon);
@@ -385,10 +380,8 @@ virSecuritySELinuxGenNewContext(const char *basecontext,
                              _("Unable to format SELinux context"));
         goto cleanup;
     }
-    if (!(ret = strdup(str))) {
-        virReportOOMError();
+    if (VIR_STRDUP(ret, str) < 0)
         goto cleanup;
-    }
     VIR_DEBUG("Generated context '%s'",  ret);
 cleanup:
     freecon(ourSecContext);
@@ -451,17 +444,10 @@ virSecuritySELinuxLXCInitialize(virSecurityManagerPtr mgr)
         goto error;
     }
 
-    data->domain_context = strdup(scon->str);
-    data->file_context = strdup(tcon->str);
-    data->content_context = strdup(dcon->str);
-    if (!data->domain_context ||
-        !data->file_context ||
-        !data->content_context) {
-        virReportSystemError(errno,
-                             _("cannot allocate memory for LXC SELinux contexts '%s'"),
-                             selinux_lxc_contexts_path());
+    if (VIR_STRDUP(data->domain_context, scon->str) < 0 ||
+        VIR_STRDUP(data->file_context, tcon->str) < 0 ||
+        VIR_STRDUP(data->content_context, dcon->str) < 0)
         goto error;
-    }
 
     if (!(data->mcs = virHashCreate(10, NULL)))
         goto error;
@@ -520,11 +506,8 @@ virSecuritySELinuxQEMUInitialize(virSecurityManagerPtr mgr)
         *ptr = '\0';
         ptr++;
         if (*ptr != '\0') {
-            data->alt_domain_context = strdup(ptr);
-            if (!data->alt_domain_context) {
-                virReportOOMError();
+            if (VIR_STRDUP(data->alt_domain_context, ptr) < 0)
                 goto error;
-            }
             ptr = strchrnul(data->alt_domain_context, '\n');
             if (ptr && *ptr == '\n')
                 *ptr = '\0';
@@ -544,11 +527,8 @@ virSecuritySELinuxQEMUInitialize(virSecurityManagerPtr mgr)
     ptr = strchrnul(data->file_context, '\n');
     if (ptr && *ptr == '\n') {
         *ptr = '\0';
-        data->content_context = strdup(ptr+1);
-        if (!data->content_context) {
-            virReportOOMError();
+        if (VIR_STRDUP(data->content_context, ptr+1) < 0)
             goto error;
-        }
         ptr = strchrnul(data->content_context, '\n');
         if (ptr && *ptr == '\n')
             *ptr = '\0';
@@ -643,11 +623,12 @@ virSecuritySELinuxGenSecurityLabel(virSecurityManagerPtr mgr,
         }
 
         range = context_range_get(ctx);
-        if (!range ||
-            !(mcs = strdup(range))) {
+        if (!range) {
             virReportOOMError();
             goto cleanup;
         }
+        if (VIR_STRDUP(mcs, range) < 0)
+            goto cleanup;
         break;
 
     case VIR_DOMAIN_SECLABEL_DYNAMIC:
@@ -711,10 +692,8 @@ virSecuritySELinuxGenSecurityLabel(virSecurityManagerPtr mgr,
     }
 
     if (!seclabel->model &&
-        !(seclabel->model = strdup(SECURITY_SELINUX_NAME))) {
-        virReportOOMError();
+        VIR_STRDUP(seclabel->model, SECURITY_SELINUX_NAME) < 0)
         goto cleanup;
-    }
 
     rc = 0;
 
@@ -1391,10 +1370,8 @@ virSecuritySELinuxSetSecurityHostdevCapsLabel(virDomainDefPtr def,
                 return -1;
             }
         } else {
-            if (!(path = strdup(dev->source.caps.u.storage.block))) {
-                virReportOOMError();
+            if (VIR_STRDUP(path, dev->source.caps.u.storage.block) < 0)
                 return -1;
-            }
         }
         ret = virSecuritySELinuxSetFilecon(path, secdef->imagelabel);
         VIR_FREE(path);
@@ -1409,10 +1386,8 @@ virSecuritySELinuxSetSecurityHostdevCapsLabel(virDomainDefPtr def,
                 return -1;
             }
         } else {
-            if (!(path = strdup(dev->source.caps.u.misc.chardev))) {
-                virReportOOMError();
+            if (VIR_STRDUP(path, dev->source.caps.u.misc.chardev) < 0)
                 return -1;
-            }
         }
         ret = virSecuritySELinuxSetFilecon(path, secdef->imagelabel);
         VIR_FREE(path);
@@ -1559,10 +1534,8 @@ virSecuritySELinuxRestoreSecurityHostdevCapsLabel(virSecurityManagerPtr mgr,
                 return -1;
             }
         } else {
-            if (!(path = strdup(dev->source.caps.u.storage.block))) {
-                virReportOOMError();
+            if (VIR_STRDUP(path, dev->source.caps.u.storage.block) < 0)
                 return -1;
-            }
         }
         ret = virSecuritySELinuxRestoreSecurityFileLabel(mgr, path);
         VIR_FREE(path);
@@ -1577,10 +1550,8 @@ virSecuritySELinuxRestoreSecurityHostdevCapsLabel(virSecurityManagerPtr mgr,
                 return -1;
             }
         } else {
-            if (!(path = strdup(dev->source.caps.u.misc.chardev))) {
-                virReportOOMError();
+            if (VIR_STRDUP(path, dev->source.caps.u.misc.chardev) < 0)
                 return -1;
-            }
         }
         ret = virSecuritySELinuxRestoreSecurityFileLabel(mgr, path);
         VIR_FREE(path);
@@ -2366,7 +2337,7 @@ virSecuritySELinuxGenImageLabel(virSecurityManagerPtr mgr,
     const char *range;
     context_t ctx = NULL;
     char *label = NULL;
-    const char *mcs = NULL;
+    char *mcs = NULL;
 
     secdef = virDomainDefGetSecurityLabelDef(def, SECURITY_SELINUX_NAME);
     if (secdef == NULL)
@@ -2380,11 +2351,8 @@ virSecuritySELinuxGenImageLabel(virSecurityManagerPtr mgr,
         }
         range = context_range_get(ctx);
         if (range) {
-            mcs = strdup(range);
-            if (!mcs) {
-                virReportOOMError();
+            if (VIR_STRDUP(mcs, range) < 0)
                 goto cleanup;
-            }
             if (!(label = virSecuritySELinuxGenNewContext(data->file_context,
                                                           mcs, true)))
                 goto cleanup;
@@ -2392,9 +2360,9 @@ virSecuritySELinuxGenImageLabel(virSecurityManagerPtr mgr,
     }
 
 cleanup:
-        context_free(ctx);
-        VIR_FREE(mcs);
-        return label;
+    context_free(ctx);
+    VIR_FREE(mcs);
+    return label;
 }
 
 static char *
@@ -2417,11 +2385,8 @@ virSecuritySELinuxGetSecurityMountOptions(virSecurityManagerPtr mgr,
         }
     }
 
-    if (!opts &&
-        !(opts = strdup(""))) {
-        virReportOOMError();
+    if (!opts && VIR_STRDUP(opts, "") < 0)
         return NULL;
-    }
 
     VIR_DEBUG("imageLabel=%s opts=%s",
               secdef ? secdef->imagelabel : "(null)", opts);
diff --git a/src/security/virt-aa-helper.c b/src/security/virt-aa-helper.c
index b526919..63594ce 100644
--- a/src/security/virt-aa-helper.c
+++ b/src/security/virt-aa-helper.c
@@ -773,7 +773,7 @@ vah_add_file(virBufferPtr buf, const char *path, const char *perms)
             return rc;
         }
     } else
-        if ((tmp = strdup(path)) == NULL)
+        if (VIR_STRDUP_QUIET(tmp, path) < 0)
             return rc;
 
     if (strchr(perms, 'w') != NULL)
@@ -1103,7 +1103,7 @@ vahParseArgv(vahControl * ctl, int argc, char **argv)
                 break;
             case 'f':
             case 'F':
-                if ((ctl->newfile = strdup(optarg)) == NULL)
+                if (VIR_STRDUP_QUIET(ctl->newfile, optarg) < 0)
                     vah_error(ctl, 1, _("could not allocate memory for disk"));
                 ctl->append = arg == 'F';
                 break;
-- 
1.8.1.5


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]